Jump to content
noisydaddy

Mail being blocked but IP address shows not listed in bl.spamcop.net

Recommended Posts

Hello,

My office ISP is Verizon FIOS. My site is hosted on BlueHost (richgarifo.com) using the RoundCube webmail client.

A sender's support division is attempting to send me mail (rich@richgarifo.com) but it is getting blocked. However, when I search the IP address in SpamCop the following comes up: "50.31.49.42 not listed in bl.spamcop.net". They can reply to an email I send them, but no message originating there is getting through. This .is a support site for a service I subscribe to and is very important.

Any insight on how to solve this "blocked-but-not-listed" problem is much appreciated.

V/r,

noisydaddy

Share this post


Link to post
Share on other sites
6 hours ago, noisydaddy said:

50.31.49.42

https://www.spamcop.net/w3m?action=checkblock&ip=50.31.49.42
   Listings are for 24 hours, I suspect someone has paid for a email address list full of spam-trap addresses.
These are poisoned addresses, scrapped from Web pages/internet sources by WebBot's.
SpamCop's blocklist is a radar, detecting malevolent emails, then blocking for 24 hours.
Who/whatever's doing this  needs to first scan their computer for malware and change passwords
If a who, they need to lookup double-opt-in, for marketing purposes.
Possible this is a shared IP
If you put a email address on the web do it this way "nobody[AT]nobody[DOT]net" please edit your post and remove the email address in it!

50.31.49.42 listed in bl.spamcop.net (127.0.0.2)
If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 20 hours.

Causes of listing
System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)
SpamCop users have reported system as a source of spam less than 10 times in the past week

Listing History
In the past 90.4 days, it has been listed 30 times for a total of 36.7 days
Other hosts in this "neighborhood" with spam reports
50.31.48.230 50.31.49.41

Edited by petzl

Share this post


Link to post
Share on other sites
6 hours ago, petzl said:

50.31.49.42 listed in bl.spamcop.net (127.0.0.2)
 If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 20 hours.

Yep, it is listed.

10 hours ago, noisydaddy said:

Any insight on how to solve this "blocked-but-not-listed" problem is much appreciated.

I have also seen where some is using their own blocking list, but giving the message as coming from bl.spamcop.net which can be confusing.

If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 19 hours.

Must have had some spam go out as it appears to have restarted the counter about an hour after petzl posted.

Share this post


Link to post
Share on other sites

I have the same issue. It seems there is an issue in the DNS checks. When looking up an IP Address in the web frontend it shows as not listed. But when running a dns lookup on the command line the response is not "Not found" but I get a valid DNS record in return.

 

With google DNS:

nslookup 241.195.201.138.bl.spamcop.net 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
Name:   241.195.201.138.bl.spamcop.net
Address: 91.195.240.87

With authorized name servers

nslookup 241.195.201.138.bl.spamcop.net dns4.name-services.com
Server:         dns4.name-services.com
Address:        2604:4000:4000:0:64:98:151:2#53

Name:   241.195.201.138.bl.spamcop.net
Address: 91.195.240.87

When looking up 138.201.195.241 in web frontend it shows as not listed.

What ever IP address I try to lookup I always get a valid IP address in return and all mails are blocked.

Share this post


Link to post
Share on other sites

should be returning something in the 127.0.0.1/24 range.  91.195.240.87 appears to be tied to enom.com.

Share this post


Link to post
Share on other sites

spamcop.net domain expired and for a few hours it was parked.

Email services improperly not reading bl.spamcop.net answer codes to be 127.0.0.1/8 and blocking emails are the secondary cause of your issue.

Now neither the spamcop.net team or someone from the Cisco communication staff issued a public statement or apologize for the disruption of such world-wide significant service outage caused by negligence.

Share this post


Link to post
Share on other sites

I think my DNS cache is cleared now and it appears to be working.  Does it work for you now?

Share this post


Link to post
Share on other sites
24 minutes ago, gnarlymarley said:

I think my DNS cache is cleared now and it appears to be working.  Does it work for you now?

Yes, TTL expired and now DNS service is provided by spamcop.net again.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×